Software Security Control Assessor

Job Number: R Software Security Control Assessor, Junior The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming. In all of this "cyber noise," how can these organizations understand their risks and how to mitigate them? The answer is you. We need your knowledge as an information security risk spe cia list to help break down complex threats into manageable plans of action. As a Sof tware Security Control Assessor on our team, you'll assist U.S. Space Force programs with discovering their sof tware security cyber risks, understanding applicable policies , and developing a mitigation plan. You'll gather te chn ical, environmental, and personnel details from sof tware developers and sof tware security engineers to help with assessment of the entire threat landscape. You'll learn how to guide U.S. Space Force programs through a plan of action with presentations, white papers, and milestones and help to translate sof tware security concepts so they can make the best decisions to secure their mission critical space systems. This is your opportunity to build experience in the exciting and rapidly evolving domain of space systems cybersecurity while developing greater breadth and depth of sof tware security knowledge. Work with us as we protect our nation's mission critical space systems. Join us. The world can't wait. You Have: Experience with determining the security controls of information systems, networks, or sof tware components
Experience with assessing security controls and determining asso cia ted risk
Knowledge of cybersecurity principles and methods that apply to sof tware development such as modularization, layering, abstraction, data hiding, or simplicity and minimization
Knowledge of system and application security threats and vulnerabilities such as buffer overflow, mobile code, cross-site scripting, Procedural Language / Structured Query Language ( PL / SQL ) and injections, race c ond itions, covert channel, replay, return-oriented attacks, and malicious code
Knowledge of risk management processes such as methods for assessing and mitigating risk, policies , requirements, and procedures, and sof tware development models such as Waterfall Model, Spiral Model, and DevSecOps
Ability to identify, tailor, and assess security controls for sof tware security throughout the sof tware development life cycle such as requirements, design, implementation, test, deployment, operations and maintenance, and decommissioning
Ability to perform risk analysis such as threat, vulnerability, impact, and likelihood of occurrence, based on findings provided by sof tware security engineers
Secret clearance Bachelor's degree
Ability to obtain Security+ CE or CISSP certification within 6 months of hire Nice If You Have: Experience in designing countermeasures to identified security risks.
Experience with secure test plan design such as unit, integration, system, and acceptance
Knowledge of secure sof tware deployment methodologies, tools, and practices.
Knowledge of national and international laws, regulations, policies , and ethics as they relate to cybersecurity such as Risk Management Framework ( RMF ) , and DoD Application Security and Development ( ASD ) Security Te chn ical Implementation Guide ( STIG ) Knowledge of embedded systems or operational te chn ology ( OT ) Knowledge of supply chain risk management standards, processes, and practices
Ability to identify basic common secure coding flaws at a high level
Top Secret clearance Security+ CE or CISSP certification
CSSLP certification Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; Secret clearance is required. Create Your Career: Grow With Us Your growth matters to us-that's why we offer a variety of ways for you to develop your career. With professional and leadership development opportunities like upskilling programs , tuition reimbursement, mentoring, and firm-sponsored networking, you can chart a unique and fulfilling career path on your own terms. A Place Where You Belong Diverse perspectives cultivate collective ingenuity. Booz Allen's culture of respect, equity, and opportunity means that, here, you are free to bring your whole self to work. With an array of business resource groups and other opportunities for connection, you'll build your community in no time. Support Your Well-Being Our comprehensive benefits package includes wellness programs with HSA contributions, paid holidays, paid parental leave, a generous 401 ( k ) match, and more. With these benefits, plus the option for flexible schedules and remote and hybrid locations, we'll support you as you pursue a balanced, fulfilling life-at work and at home. Your Candidate Journey At Booz Allen, we know our people are what propel us forward, and we value relationships most of all. Here, we've compiled a list of resources so you'll know what to expect as we forge a connection with you during your journey as a candidate with us. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $51,600.00 to $106,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. EEO Commitment We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.